Curious Yellow, Superworm
jpmccord writes "Brandon Wiley's white paper, Curious Yellow, explains how "a superworm -- a worm that coordinates it actions among infected hosts and launches a massive distributed denial of service attack on any hosts it can't infect using those it can" (via disLEXia, a weblog by Maximillian Dornseif). The "doomsday scenario" frightens "even us", says Dornseif. An accompanying discussion rebukes Wiley's article a bit. Aaron Swartz's light-hearted take is rather entertaining: "So go read it now and find out how you can take over the whole Internet. And if you're going to, could you give me 24 hours notice?""
Why let the worms have all the fun?
A spider attack could crawl all the webservers looking for IIS machines, or flaws on other servers. Link by link taking down servers...
www.Beyond7.com Insane modern art water sculpture.
...this was posted some days ago, I'm just too lazy to go find the link.
Who is General Failure and why is he reading my hard disk?
It could also submit every computer it couldn't infect as containing something of interest to the slashdot community. Who needs a ddos attack?
Sig (appended to the end of comments I post, 54 chars)
http://quiz.ravenblack.net/blood.pl?3331888710
Sweet friggin christ. If it's a dupe, REMOVE IT.
88 Miles an hour and shit
So it can't get on my machine, then it will ddos me.. nice.. but what do I care, it will stop doing that and then my machine is still clear.. and if it will affect a lot of machines on my ISP's network, won't the ISP do something about it?
http://www.virtualconcepts.nl/
The Slashdot community may be faced with the "Curious Yellow Post" that may take over all other slashdot news in just a few days...
If anyone attempts to post other news it will immediately be taken off the site and replaced by a link to the "Curious Yellow Post"...
"I don't know that Atheists should be considered as citizens, nor should they be considered patriots." -George H.W. Bush
of this article.
Then I guess there's nothing we can do. The Internet is doomed.
... after I get a new Passport ID, that is.
Still, I know I'll be able to read about the new one on MSNBC.newtld a day or two afterwards
; -- the corruption of government starts with its secrets. a truly free people keep no secrets. --
...a curious sense of deja vu
The "doomsday scenario" frightens "even us", says Dornseif.
Doomsday? Hey guys, it's the internet! Who's gonna die if the internet shuts down? Come on now, it's not like the next ice age or nuclear war! 99% of the world's population won't give a shit if the internet shuts down for a few days. Who cares if a bunch of nerds freak out 'cause they can't read their emails?
The main question is, are YOU so addicted to the net, that you would use the term "doomsday", if it shuts down?
From the description, which seems very clear, I like the image the thought of "reverse-mapping" it back into meatspace evokes:
There's a (biological) virus to which humans are either immune, or not - just like any other virus.
The people who catch it, however, are turned into attack zombies primed to attack specifically the immune humans.
... yup, this dude's got all bases covered. Kenny's gonna die. (Sounds like a King novel. But mebbe a short one)
yes, we have no bananas
Note that both Curious Yellow and Palladium are still theoretical menaces.
If you really think about it, the math behind such an event may not work out....My guess is, there simply aren't enough hosts on the net that are simultaneously A) susceptible to infection B) sitting on static IPs, and C) unmonitored by human eyes. All three conditions must exist in order for the worm to propagate -- If any one of those factors is absent, that particular thread of the superworm is halted. It makes the scenario described in this article practically impossible. Sure, a superworm may exist, but it would be so slow-moving and predictable that it would be no more a threat than any other form of DoS attack.
If you really want something abstract to think about, consider this: How is this "superworm" different than, say, a non-existent website mentioned on a nationwide TV broadcast? Instead of malicious code generating the resulting network congestion, it's humans -- The net result is the same -- The effect will taper off as T increases. Nothing to really worry about, in other words.
Yeah, I know. I'm sure someone's gonna come back and read this 10 years from now and want to slap me silly with a 10 lbs. trout, for my lack of forethought.. But seriously, I think these sort of stories are more along the lines of interesting fiction than they are real-world possibilities.
Cheers,
Bowie J. Poag
Come on Pinky, let's prepare for tomorrow evening.
Why Brain? What are we going to do tomorrow evening?
Same as every evening, we try to take over the Internet!
--
Karma 50, and all I got was this lousy T-Shirt.
Game over man, game over
These worm and virii writers are pretty harmless... If they were really malicious we would have seen Nimda doing things like delete *.doc *.xls or format the hard drive.
A very scary worm would simply spread itself quietly and slowly, wait for a doomsday time to tick and then Boom... simply start a massive delete fest on the computers or to be even more sinister start changing numbers randomly in spreadsheets and documents... like simply adjusting up or down by a random amount.
Once a virus or worm has admin control or system control it can do anything and luckily we still haven't had one of these buggers do any destructive things...
I am expecting it though... It's just like guns... most of the planet can safely own and use them and only a few lunatics start blowing people's heads off.
Do not look at laser with remaining good eye.
This reminds me of that book by Confucius 'Tayloring the Masses' if my memory serves me right, that an internet-type structure will eventually emerge through communication between people.
The interesting part is that he concludes that this structure of information would be harder to lay down than to take over the world.
So Bush - are you up for a challenge?
Well... I guess it's just me, but I really can't worry about a worm that sounds so much like that little monkey... what's his name... Curious George. I mean - if it gets to a point where the worm is doing serious damage, give it a banana! Or better yet - feed it pieces of a puzzle... that sent him to the hospital if I remember correctly...
The thing I would worry about, is what if that guy with the big yellow hat does something. With that kind of hat you could really do some damage to a network - think Oddjob on a MUCH larger scale!
Well... as I said - maybe it's just me...
- L to the amer, B to the unny.
It seems to me the claim a bit like this case:
I go to a conference and present a poster paper. On the back of the poster, being the intelligent, trusting fool that I am, I copy all my secret data that I don't want anybody to see. Somebody peeks behind the poster, sees this data, and tells the whole conference and now they all know my secrets.
But I am not at fault here and the wrong doing is all by the guy who originally looked behind my poster?!
Yeah, right!
----------------------------------- My Other Sig Is Hilarious -----------------------------------
Reading this the idea that it could use distributed communication to monitor and control the infection rate triggered the term "Distributed Computing" in my mind. The amount of processing power that could be harnessed by such a worm is tremendous. Even if the worm used a small fraction of processing time from a large infected base population its power would probably be enough to do some good calculations quickly. I don't think the algorithms are ready yet, but imagine if you can use this worm to distribute a distributed AI. Combine this with the concept of virus polymorphism, and you have a virus that could stay alive, possibly undetected in the open, and do some interesting stuff. Maybe I've been reading too much sci-fi (Ender's Game) but couldn't these concepts, which are now very real, be used to create an internet life form if you will. Anyway, I don't claim to be an expert on anything I just talked about but I wanted to get the idea out into the open.
-sonic
I like it!
:-)
reposting a post that's been modded +5 Insightful...
It's good but not that good
"I don't know that Atheists should be considered as citizens, nor should they be considered patriots." -George H.W. Bush
...because if some sufficiently skilled h4x0rz put your ideas into practice, and launch global worm warfare, some accusing fingers could end up pointing in your direction.
:)
But if the worms do their job sufficiently well, the police/justice systems will be so adversely affected that your arrest papers won't even see the light of day
Well done, dude! You've covered a lot of angles in your paper. You may have even launched the bootloader for Project Mayhem!
-- In the beginning was the WORD, and the WORD was UNSIGNED, and the main(){} was without form and void...
Anti-virus companies Norton and Sophos today announced they had spotted a new virus in the wild. According to anti-virus experts a new virus known only as "Curious Yellow" has been attacking the popular Slashdot.org site.
The site has already been hit twice, with a story appearing on their main 'articles' section. The virus has been spoofing known slashdot editors such as 'Hemos' and 'michael'. The site has yet to comment on these attacks, but have warned there is a risk that further variants may attack their 'slashback' section later this week.
So far there is no known cure for this virus.
insignificant sig
"Curious Yellow Post"...... "Curious Yellow Post"...... "Curious Yellow Post".... "Curious Yellow Post"...... For the love of God someone get me out of this loop!
Little. Yellow. Different.
www.timcoleman.com is a total waste of your time. Never go there.
Yuk Yuk Yuk
-- Many men would appreciate a woman's mind more if they could fondle it
Imminent Death Of The Net Predicted! prov.
[Usenet] Since Usenet first got off the ground in 1980-81, it has grown exponentially, approximately doubling in size every year. On the other hand, most people feel the signal-to-noise ratio of Usenet has dropped steadily. These trends led, as far back as mid-1983, to predictions of the imminent collapse (or death) of the net. Ten years and numerous doublings later, enough of these gloomy prognostications have been confounded that the phrase "Imminent Death Of The Net Predicted!" has become a running joke, hauled out any time someone grumbles about the S/N ratio or the huge and steadily increasing volume, or the possible loss of a key node or link, or the potential for lawsuits when ignoramuses post copyrighted material, etc., etc., etc.
Savant
Yes, something funny is definitely going on right now on the net. These statistics are solid and based on 4 years of data going back to 1998: my firewall has detected on average 1 probe every 3 hours.
On 28th September this year I made the mistake of visiting the website of Taiwanese motherboard maker QDI Group website to download a newer BIOS. Literally within seconds my firewall started getting hit by netbios probes. It's been about two probes a minute all day every day from sites all over the world since 28th September. That's a 400-fold increase! It's getting worse. They're from all over the place but always TCP to netbios port 137.
Does anyone else want to try visiting www.qdigrp.com?? Has anyone else seen the same pattern? I'll post a few of the IPs here. Maybe someone will recognise them.
Why oil price increase equals economic trouble (Score: Interesti
I would be more worried if the worm ran around breaking things and choking children, like
furious yellow.
"Anyway, long story short... is a phrase whose origins are complicated and rambling...." - Abraham Simpson
sheesh... twice in a week. Good thing I have no data limits on that line...
Apparently so were they!
"And like that
Brandon Wiley's white paper, Curious Yellow, explains how "a superworm -- a worm that coordinates it actions among infected hosts and launches a massive distributed denial of service attack on any hosts it can't infect using those it can" (via disLEXia, a weblog by Maximillian Dornseif).
The number of superfluous clauses on this sentence EASILY defeats a Henry Rollins rant. This sentence says "Blah blah's paper says how...", then follows a lengthy quote explaining the direct object (a superworm; in essence, simply renaming the noun at great length for expository purposes). After that we find a parenthetical phrase and....nothing. There was totally no predicate to that beast of a sentence.
A simple but devastating Windows worm design would be one that selected a local system DLL at random, asked a peer worm on a similar system for its timestamp for the same DLL, then replaced the newer DLL with the older one. Other than some minor details, that's it.
This would be subtle and very damaging: systems in the worm network would progressively become unpatched against security vulnerabilities. It would be the computer equivalent of an autoimmune deficiency like AIDS. Little harm would be done directly, but it would undermine sysadmin patches and open up the host to infection from all other earlier known forms of attack.
The dynamics of such a P2P worm system as a whole would be to eventually seek the lowest common denominator patch level.
Such a worm would ideally not render Windows systems inoperable/defunct, so maybe only a small subset of system DLL's would be considered and some date limit to the degree of DLL downgrading might need to be incorporated. This is all hypothetical, but such a worm would make maximum benefit of the "DLL hell" weakness of Windows.
Too bad you copied it verbatim from another Slashdot user on the last time this article was posted.
That's illegal!
"And like that
...but I didn't see how this worm will deal with the fact that it has to infect a heterogeneous environment. There is no way a single variant of a worm could affect every internet connected machine out there. If there are different versions, then how would it update itself? It's not like a worm can just infect a random computer at will, there has to be a specific vulnerability that it uses. The best defense to this kind of attack is the kind of internet we have now: different OS's on different hardware running different services.
I think someone already said that
.sig with the GPL then
I think I'll just replace my
;
...the world's largest reboot and reformat session EVER! I can almost hear the beeps now... I hope M$ planned for this contingency when they created their computer key system for XP. There will be a lot of people reactivating their keys at the same time!
today is spelling optional day.
With this story slashdot has hit an all time grammar low. I'm still trying to figure out what it's supposed to be about.
SheWhoWalksWithToesLikeCobras
-SheWhoWalksWithToesLikeCobras Please enter any 11-digit prime number to continue...
you make it think you're infected, and it won't attack you.
Yeah I wondered how long it would take you to notice.
I figured that since the article was a repeat I would save everyone some trouble.
It's funny that one time I even reposted a comment from the subject to the sig and got + mods for it.
This place is wacky.
So... how much do I owe you in royalties for using your IP?
Ursula Andress, Catherine Deneuve, and Charo, twice...
No royalties, I think you just started the latest craze:
/. comments sharing :)
p2p
Cheers,
Florian
Well if it comes down to being a victim of a ddos, or helping in it, maybe you should purposely allow it to infect you. There might not be an outage if you're just helping the ddos of someone else. At least your machine may still function, internet-ly speaking.
Of course, I'm not really crazy (or even serious) about this idea, but helping an attacker (in this case, the worm) may keep his gaze from fixing on you. Then wait till others have defeated the worm and implement their solution. Run with whoever is winning the battle. I would paraphrase from the great Dark Helmet: Evil will win, because Good is dumb.
However, there is nobility in fighting the good fight. Stand up to the oppressive worm, even if it defeats you. Others may succeed where you may fail.
I think I just wrote this to use the phrase "internet-ly speaking"
Seriously, Don't take anything I say seriously.
Why would you post something like that with no warning? Idiot
Fortunately it won't matter for anyone with popups disabled, but Internet Explorer users beware.. don't click on the "possible scenario" link.
This page says that "I am Curious Yellow is the title of a Swedish film from 1967 (in Swedish it's Jag aer nyfiken - gul). The following plot summary comes from the Internet Movie Database:
Lena, aged twenty, wants to know all she can about life and reality. She collects information on everyone and everything, storing her findings in an enormous archive. She experiments with relationships, political activism, and meditation. Meanwhile, the actors, director and crew are shown in a humorous parallel plot about the making of the film and their reactions to the story and each other. Nudity, explicit sex, and controversial politics kept this film from being shown in the US while its seizure by Customs was appealed."
Here's the script (best read after ingesting copious amounts of mind-altering drugs, otherwise it doesn't make much sense).
"There are already a million monkeys on a million typewriters, and Usenet is NOTHING like Shakespeare." - Blair Houghton
It can also be a reference to the "Vurt" novel by Jeff Noon. (But I suppose that Noon himself had seen the "I am Curious Yellow" movie)
--
édomaur
It's like you've got blackmail on the king. Do you immediately release it and laugh? No. Do you ask for $10M and split town? Heck no! Ask for 10M this week, attack helicopters the week after that, and a month later, when you own half the Philippines and have your own army and small navy, *then* you point and laugh, but only if you can't control yourself any longer.
If you've got something powerful under your control, the last thing you'd want to do is blow it up. Well, if you're crafty, that is.
One argument to this is that many hackers are in it for the 'glory' and bragging rights. That's true enough, but I'm not afraid of those people. I'm afraid of foreign governments.
Heck, I'm afraid of *our* government doing this. How much worse is it if Code Yellow is required by law to be part of your OS? Granted, I'm feeling paranoid today, but it doesn't seem too far to go to 'combat terrorism', or to 'fight child pornography'. Or consider China, who is already doing a great deal of work to control their citizens' internet access.
$.02
-Zipwow
I don't know which is more depressing, that 2/3 didn't care enough to vote, or that 1/2 of those that did are crazy.
the preceding comment is my own and in no way reflects the opinion of the Joint Chiefs of Staff
If Slashdot were given advance notice about the killing of the net then we'd be able to slashdot the offender and take them offline for a bit!! Eh?
What bothers me is the ideas sparked by reading the article. In an ideal world information should be free, but in reading this I envisioned several things not mentioned in the article. Thoughts are dangerous in the wrong hands.
There are Cyber task forces so secret no one knows about them. Governments could very well be working on something like this for cyber weapon purposes.
The ideas represented are enough to keep a smart person up nights. There are those who could make this happen quite easily. These same people have morals and wouldn't do it. But what if those same people worked for a government and were tasked to actually do it? Or worse were radical extremists?
Not so far fetched when you look at the creation of weapons of mass destruction. Biological, Nuclear, etc. Someone thought this stuff up and some government tasked them with making it happen!
The point of the article was technology. However, the possibilities of using said technology are unlimited.
There are those covert experts who don't blab about exploits. These people keep a secret and use it to their advantage when they need it. They don't go willy nilly and release a virus to expose the faults. They use these faults in a focused manner.
Just how many of these covert experts are working for governments right now. Under blackbag operations where the money is virtually unlimited.
Yeah I may sound like a conspiracy nut but a whole lot goes on in this world that the average person is totally unaware of. There are games of life and death being played out every day. Do we live in the dark and believe in our fantasies of security? Or do we open our eyes and ears and understand that there are stories beneath the news stories? Pick up a newspaper and read a major headline story but know in the back of your mind that it's not entirely true.
Look at the ridiculous propaganda that Iraq publishes! Look at the Moscow Theater and the gassing of innocent hostages by the Russian government. Look at the assassination of the American diplomat in Jordan. Come on who believes that wasn't a hit? Who believes that he wasn't working for someone other than a US-AID organization? Look at the Iran Contra fiasco. Look at the super secret stealth planes that were developed over 10 years ago and only recently announced to the public.
Every day, hour, and minute our governments wage a secret war against all other governments and terrorist organizations. I personally have a great deal of respect for those that pursue this profession as they are doing their best to protect us and our way of life.
Knowledge is power. Thoughts can move mountains. Beliefs can be dangerous. Responsibility over dangerous thoughts is important. Hatred and fear is infectious.
I am actually surprised we haven't become extinct yet. The fate of the world is in the hands of very few people. Fortunately, they have managed to keep us from self destructing. Let's pray that we don't keep going down these dangerous roads.
It would not take much to end it all. A simple human mistake would be all it would take. America was two hours away from total worldwide nuclear destruction over the Cuba missile crisis. It was a different world back then, but it's even more dangerous now than it was then.
Security is a complete illusion. Nothing more than a warm touchie feely comfort. Think those armed guards in the airports were there for anything other than making you feel safe? Remember the nut who waltzed right up to the Israeli ticket counter and blew a few people away? He was outside the security checkpoint. Try telling those that died that they were safe and secure.
What about the sniper? That could happen anywhere, anytime. If it had been a coordinated effort by those trained to do so; it would have been much much worse.
All this while idiotic protestors parade around against a war with Iraq. Iraq is a very dangerous country. The US government is not willing to tell anyone what it knows about Iraq. It cannot reveal certain information for security purposes. It might reveal more than it can afford to reveal. The government has released secret information to the senate, hence the decision giving the President authority to strike Iraq. This was fought long and hard by the Democrats then all of a sudden they side with the President. I suspect they have confirmed terrorist ties. I suspect they already have nuclear weapons. I believe they would actually use them.
Anyone who thinks Iraq can be safely left to its own devices is seriously not thinking about reality.
Earth to Brandon Wiley, have you perhaps heard of the Morris worm?
This DDOS attack was carried out in 1988, and it was done by mistake. Our boy Robert Morris wasn't careful about how quickly the worm spread itself, and as a result when it started infecting computers, about one in seven of them would relentlessly pound away at any host it could find. Now, the Internet wasn't nearly as big as it was today, but even so it meant that hundreds or thousands of infected hosts were lining up to rape any given computer.
These days, you have to be CAREFUL when you write your virii or it'll be much much more than just a minor annoyance, it will flood networks out of existence. This white paper doesn't outline an attack strategy, it demonstrates the destructive effect of sloppy virus design.
"No problem. I have the capacity to do infinite work so long as you don't mind that my quality approaches zero."-Dilbert
Seth
$5 / month hosted VPS on linux = awesome!
Come on man! This is SlashDot... The editors don't even use SPELL-checkers, and you want them to grep for URL's?
;)
#667 can't possibly be your real uid. You MUST be new here.
The REAL jabber has the user id: 13196
What you do today will cost you a day of your life
--- Fortunately it won't matter for anyone with popups disabled, but Internet Explorer users beware.. don't click on the "possible scenario" link. --
Ahhh, the joys of browsing with Opera... No popups for me!
:-)
is the name of a knowledge feather in "Vurt" by Jeff Noon. Do check it out. He is one of the most interesting scifi authors I've had the pleasure of reading in recent years. His works might be described as hyper-fairytale cyberpunk. Noon has interesting ways with language.
Read also: the sequels "Pollen," and "Nymphomation," his transforming poetry in "Cobralingus," and his amazing short stories in "Pixel Juice." His Alice in Wonderland followup, "Automated Alice," was ok, but don't take it as representative of the rest of his work. Also, "Needle in the Groove" has been recently published in the UK, with a corresponding CD album, but is not available stateside yet.
I am rather surprised that no one has even bothered mentioning Nick Haflinger or The Shockwave Rider... which describes the precise scenario being discussed here. This is /. and I am pretty sure that almost everyone here has read it.
Buy the ticket, take the ride.
Yeah, but until Steve Gibson goes hysterical, it doesn't really exist.
Slashdot: Failed Car Analogies. Amateur Lawyering. Anecdote Battles.
Lena, aged twenty, wants to know all she can about life and reality. She collects information on everyone and everything, storing her findings in an enormous archive. She experiments with relationships, political activism, and meditation. Meanwhile, the actors, director and crew are shown in a humorous parallel plot about the making of the film and their reactions to the story and each other. Nudity, explicit sex, and controversial politics kept this film from being shown in the US while its seizure by Customs was appealed.
So why is this guy naming super-worms after Swedish pr0n?
- None can love freedom heartily, but good men; the rest love not freedom, but license. -- John Milton
I know nothing about internet programming (thanks Biffer4810), but here's my eloquent theory:
Spiders kill worse things.
Spiders kill bees, mosquitoes, and Miss Muffet.
Couldn't each IP address have its own guard-spider, to protect, for example, my Teletubby songs and pictures?
I would appreciate a serious technical reply to this. Thanks!
hi, I like pancakes -.-- -.-- --..
Kinda off-topic, but needs to be said.
The name "Curious Yellow" comes from a novel by the British surrealist sci-fi author Jeff Noon. The novel was called Vurt, and was about people ingesting feathers to take them to dreams. The main character lost his sister/lover to a feather (a meta-feather actually) called Curious Yellow. Curious Yellow was a feather where you lived your memories as colored by your worst nightmares, with infinite pain and all that fun stuff.
There is no attribution for the name in the article, so I feel it is my duty to pimp a great author, and give 'im credit where due.
A patriot must always be ready to defend his country against his government. -edward abbey
A more compact version of the sociological complex propagated by one big mutha of a software company:
Install on as many machines as you can; make interoperability as difficult as possible for those on which you cannot.
*** A NEW KIND OF PROGRAMMING ***
Do you want the instant respect that comes from being able to use technical
terms that nobody understands? Do you want to strike fear and loathing into
the hearts of DP managers everywhere? If so, then let the Famous Programmers'
School lead you on... into the world of professional computer programming.
They say a good programmer can write 20 lines of effective program per day.
With our unique training course, we'll show you how to write 20 lines of code
and lots more besides. Our training course covers every programming language
in existence, and some that aren't. You'll learn why the on/off switch for a
computer is so important, what the words *fatal error* mean, and who and what
you should blame when you make a mistake.
Yes, I want the brochure describing this incredible offer.
I enclose $1000 in small unmarked bills to cover the cost of
postage and handling. (No live poultry, please.)
*** Our Slogan: Top down programming for the masses. ***
- this post brought to you by the Automated Last Post Generator...